You are on page 1of 29

Blind Authentication: A Secure

Crypto-Biometric
Verification Protocol

Guided by
Prof L

Rohan Abraham
223
R7

In a Nutshell
A protocol for blind biometric authentication
Blind - does not reveal biometric information to
the authenticating server or vice versa
Secure encrypted biometrics, template
protection

CONTENTS
Biometric Authentication
Blind Biometric Authentication Protocol using a
linear classifier
Security & Privacy Issues
Implementation using SVM
Analysis Accuracy and Biometric Verification
Future Possibilities

Biometrics

Sensor-based recognition of identity using biological


signatures like face, fingerprints, hand geometry and iris
which are unique to an individual
Primary concerns
1. Template Protection biometric of a person does not change and
cannot be replaced once compromised.
2. Users privacy need to be preserved
3. Trust between user & Server
Server may not be trustworthy or competent to handle users plain
biometric while the server has to find out if the user is genuine.
4. Network Security (third party intruders)

What is Blind Authentication ?


A biometric authentication protocol that
does not reveal any:
information about the biometric samples to
the authenticating server.
information regarding the classifier,
employed by the server, to the user or client

How it works

Affiliated terms

x- Feature vector of the sample (length n)


- Feature vector of the template(length n)
- Threshold value
E(x)- encryption function
,r- random numbers generated as a part of the
encryption scheme
n- Number of features recognized by the sensor
and is static for a given biometric.

Homomorphic Encryption
An encryption scheme using which some algebraic
operation , like addition or multiplication, can be directly
done on the cipher text

Identity Validation Process

Algorithm: Authentication

BLIND SECURE PRODUCT


PROTOCOL
Receive

from client

Server computes kn+k random numbers such


that
Server computes
and send it to the client.Client decrypts it.
Client computes
Send

to the server

Server computes

Algorithm analysis
The server carries out all its computation in the
encrypted domain and hence does not get any
information about x or .
Privacy is based on the servers ability to
generate random numbers. The server has
access to a random number generator(PRNG)
Encrypted information is unable to be
deciphered and the final SOP expression is
obtained which is congruent with the original
weighted product

The following condition is the reason why the


server is able to compute S in step(8).

Enrollment Phase

Enrollment based on a trusted third party(TTP).At


the time of registering with the website, the
encrypted version of the users biometric template
is made available to the website.

Algorithm: Enrollment

System Security
Biometric systems are more secure when compared to
passwords or tokens as they are difficult to reproduce.
The security is further enhanced by the fact that the
attacker needs to get access to both the users
biometric as well as the private key to be able to pose
as an enrolled user.
Security breaches can occur at the server, client or the
network.

Server Security
Case 1:
Hacker gains access to the template database.
Case 2:
Hacker is in the database server during
authentication.
Case 3:
Impostor trying blind attacks from a remote
machine.

Client Security
Case 4:
Hacker gains access to the users biometric or
private key.
Case 5:
Passive attack at the users computer.

Network security
Attacker gains access to the network
The confidentiality of the data flow over the
network can be ensured using standard
cryptographic methods like ciphers and digital
signatures.
All traffic is encrypted either using clients public
key or random numbers generated by server.

Privacy
Concern of revealing personal information:
Since original template or test sample is not
revealed to the server, only identity is
established.
Concern of being tracked: Different keys for
different applications(servers), thereby avoid
being tracked across uses.

Implementation and Analysis


An SVM (Support Vector Machine) classifier based on clientserver architecture for the evaluation of the protocol was
implemented in GNU/C
SVM is a supervised learning method which can be used for
classification. Given a set of training examples, each marked as
belonging to one of two categories, an SVM training algorithm
builds a model that assigns new examples into one category or
the other.
An SVM model is a representation
of the examples as points in space
mapped so that the examples of the
separate categories are divided by a
clear gap

RSA and Paillier cryptosystems are used to generate keys,


both of which are public key encryption schemes. They
arepublic-key cryptosystemsand are widely used for
secure data transmission. The encryption keyis public and
differs from thedecryption keywhich is kept secret.
The feature vectors of the SVM are scaled and rounded off
to integers. An implicit sign representation is used to
handle negative numbers. If the range is (0,M) we use
(0,M/2) for positive numbers and the remaining numbers
for negative. Let M=256,then -95 is represented as
-95modulo256=-95+256=161
A parameter is encrypted by mapping the integral number
to implicit sign representation and reverse mapping is
done by the server on the results.

IMPLEMENTATION AND ANALYSIS


Experiments designed to evaluate the efficiency and
accuracy of proposed approach.
For evaluation, an SVM based verifier based on clientserver architecture was implemented.
Verification time for
various key sizes and
feature vector lengths

ROC CURVES FOR


VERIFICATION

Advantages of Blind Authentication


Fast and Provably Secure authentication without
trading off accuracy.
Supports generic classifiers such as Neural Network
and SVMs.
Useful with wide variety of fixed-length biometrictraits.
Ideal for applications such as biometric ATMs, login
from public terminals.

Disadvantages
Foolproof Enrollment procedures are necessary to
ensure that the biometric is secure from any type of
attacks (e.g. a malicious enrollment server)
Success of Biometric authentication is solely
dependent on the invariance of physical features.
Therefore, if the biometric is damaged by injury
(hand geometry) or disease (cataract for iris
recognition) or presence of foreign substances (like
water or oil), then the encryption algorithm may not
give expected results.

Conclusions
Verification can be done in real-time with the help of
available hardware
Keep the interaction between the user and the server to a
minimum
Extensions to this work includes secure enrollment
protocols and encryption methods to reduce
computations
Dynamic warping based matching of variable length
feature
approach

vectors can further enhance the utility of the

References
N. K. Ratha, J. H. Connell, and R. M. Bolle,
Enhancing security and privacy in biometricsbased authentication systems
Maneesh Upmanyu, Anoop M. Namboodiri, K.
Srinathan and C.V. Jawahar, Blind
authentication: A secure crypto-biometric
verification protocol
IEEE-Transactions on Information Forensics
and Security (IEEE-TIFS, June 2010)